Search

MC516762 – Reminder: Windows Distributed Component Object Model (DCOM) hardening changes coming March 14, 2023. (archived)

cloudscout.one Icon

check before: 2023-03-14

Product:

Windows

Platform:

Windows Desktop, World tenant

Status:

Change type:

Admin impact

Links:

Details:

As previously announced, security requirements have increased for Windows devices that use the Distributed Component Object Model (DCOM) or Remote Procedure Call (RPC) server technologies. DCOM clients attempting to establish connections to DCOM servers which have applied updates released June 14, 2022, or later, must support an authentication level of RPC_C_AUTHN_LEVEL_PKT_INTEGRITY and higher.


Beginning March 14, 2023, it will no longer be possible to bypass authentication level enforcement by creating a registry key in the DCOM server. Any compatibility issues with the hardening changes must be resolved by this date.


For more information, see KB5004442—Manage changes for Windows DCOM Server Security Feature Bypass (CVE-2021-26414).


When will this happen:


March 14, 2023. Updates released on this day and later will have hardening changes enabled by default with no ability to disable them. By this point, you must resolve any compatibility issues with the hardening changes and applications in your environment.

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:

Created:
2023-02-17

updated:
2023-02-17

the free basic plan is required to see all details. Sign up here


A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.


Last updated 1 month ago

Share to MS Teams

Login to your account

Welcome Back, We Missed You!